<?php

/**
 * ECSHOP 用户中心
 * ============================================================================
 * * 版权所有 2005-2012 上海商派网络科技有限公司，并保留所有权利。
 * 网站地址: http://www.ecshop.com；
 * ----------------------------------------------------------------------------
 * 这不是一个自由软件！您只能在不用于商业目的的前提下对程序代码进行修改和
 * 使用；不允许对程序代码以任何形式任何目的的再发布。
 * ============================================================================
 * $Author: liubo $
 * $Id: user.php 16643 2009-09-08 07:02:13Z liubo $
*/

define('IN_ECS', true);

require(dirname(__FILE__) . '/includes/init.php');
/* 载入语言文件 */
require_once(ROOT_PATH . 'languages/' .$_CFG['lang']. '/user.php');

$act = isset($_GET['act']) ? $_GET['act'] : '';

/* 用户登陆 */
if ($act == 'do_login')
{
    $mobile = !empty($_POST['mobile']) ? $_POST['mobile'] : '';
    $item_info  = isset($_POST['item']) ? trim($_POST['item']) : '';
    $pwd = !empty($_POST['pwd']) ? $_POST['pwd'] : '';

    if (empty($mobile) || empty($pwd))
    {
        print_r(returnFail('请输入用户名或密码'));
    }
    else
    {
        $info = $user->check_user($mobile, $pwd);
        if ($info['status'] == 'ok' )
        {
            $user->set_session($mobile);
            $user->set_cookie($mobile);
            if( $item_info ) $_SESSION['item_info'] = $item_info;
            print_r(returnSuccess());
        }
        else
        {
            print_r(returnFail($info['msg'],$info['type']));
        }
    }
}
/* 退出会员中心 */
elseif ($act == 'logout')
{
    if (!isset($back_act) && isset($GLOBALS['_SERVER']['HTTP_REFERER']))
    {
        $back_act = strpos($GLOBALS['_SERVER']['HTTP_REFERER'], 'user.php') ? './index.php' : $GLOBALS['_SERVER']['HTTP_REFERER'];
    }

    $user->logout();
    $Loaction = 'index.php';
    ecs_header("Location: $Loaction\n");

}
/* 显示会员注册界面 */
elseif ($act == 'register')
{
    if (!isset($back_act) && isset($GLOBALS['_SERVER']['HTTP_REFERER']))
    {
        $back_act = strpos($GLOBALS['_SERVER']['HTTP_REFERER'], 'user.php') ? './index.php' : $GLOBALS['_SERVER']['HTTP_REFERER'];
    }

    /* 取出注册扩展字段 */
    $sql = 'SELECT * FROM ' . $ecs->table('reg_fields') . ' WHERE type < 2 AND display = 1 ORDER BY dis_order, id';
    $extend_info_list = $db->getAll($sql);
    $smarty->assign('extend_info_list', $extend_info_list);
    /* 密码找回问题 */
    $_LANG['passwd_questions']['friend_birthday'] = '我最好朋友的生日？';
    $_LANG['passwd_questions']['old_address']     = '我儿时居住地的地址？';
    $_LANG['passwd_questions']['motto']           = '我的座右铭是？';
    $_LANG['passwd_questions']['favorite_movie']  = '我最喜爱的电影？';
    $_LANG['passwd_questions']['favorite_song']   = '我最喜爱的歌曲？';
    $_LANG['passwd_questions']['favorite_food']   = '我最喜爱的食物？';
    $_LANG['passwd_questions']['interest']        = '我最大的爱好？';
    $_LANG['passwd_questions']['favorite_novel']  = '我最喜欢的小说？';
    $_LANG['passwd_questions']['favorite_equipe'] = '我最喜欢的运动队？';
    /* 密码提示问题 */
    $smarty->assign('passwd_questions', $_LANG['passwd_questions']);
    $smarty->assign('footer', get_footer());
    $smarty->display('user_passport.html');
}
/* 注册会员的处理 */
elseif ($act == 'act_register')
{
        include_once(ROOT_PATH . 'includes/lib_passport.php');

        $phone = isset($_POST['phone']) ? trim($_POST['phone']) : '';
        $password = isset($_POST['pwd']) ? trim($_POST['pwd']) : '';
        $username = isset($_POST['username']) ? trim($_POST['username']) : '';
        $item_info  = isset($_POST['item']) ? trim($_POST['item']) : '';
        $code   = isset($_POST['code']) ? trim($_POST['code']) : '';

        $info = $user->check_user($phone);
        if( !$info ) {
            $tag=false;
            if(!empty($_SESSION['sms_code_'.$phone])){
                foreach($_SESSION['sms_code_'.$phone] as $k=>$v) {
                    if($code==$v) $tag=true;
                }
            }
            if( !$tag ) {
                print_r(returnFail('验证码错误', 'code_error'));
                exit;
            }

            if (!$GLOBALS['user']->add_user($phone,$username, $password, '' )) {
                print_r(returnFail($GLOBALS['user']->error, 'reg_error'));
            }else{
                $user->set_session($phone);
                $user->set_cookie($phone);
                if( $item_info ) $_SESSION['item_info'] = $item_info;

                print_r(returnSuccess());
            }
        }else{
            print_r(returnFail('用户已经存在', 'isexist'));
        }
        
}else if( $act == 'send_code' )
{
    $phone = $_POST['phone'];
    $info = $user->check_user($phone);
    if( $info ){
        print_r(returnFail('用户已经存在', 'isexist'));
    }else{       
        $return_code = getCurl('http://wx.test.hfjy.red/gongkai/index.php?s=/addon/Api/Api/sendSMSCode/phone/'.$phone);

        if( $return_code['isok'] ){
            $_SESSION['sms_code_'.$phone][] = $return_code['data']['code'];
            print_r(returnSuccess());
        }else{
            print_r(returnFail($return_code['msg'], $return_code['msg_code']));
        }
    }
    exit;
}else if( $act == 'user_info' )
{
    if( $_SESSION['email'] == "0" ) $_SESSION['email'] = '';
    $smarty->assign('user_info', $_SESSION);
    $smarty->display('user_info.html');

/*修改用户信息*/
}else if( $act == 'edit_user' )
{
    if( !$_SESSION['phone'] ){
        print_r(returnFail('你还没有登录', 'no_login'));exit;
    }else{

        $data['phone'] = $_SESSION['phone'];        
        $data['qq']    = $_POST['qq'];
        $data['email'] = $_POST['email'];

        if(!$GLOBALS['user']->edit_user( $data )){
            print_r(returnFail($GLOBALS['user']->error, 'edit_error'));exit;
        }else{
            $user->set_session($_SESSION['phone']);
            $user->set_cookie($_SESSION['phone']);
            print_r(returnSuccess());exit;
        }
    }
/* 付款方式*/
}else if( $act == 'payment' ){
    $type = (isset($_GET['type']) && $_GET['type']) ? $_GET['type']:($_SESSION['pay_en_name']?$_SESSION['pay_en_name']:'online');
    $smarty->assign( 'type', $type );
    $smarty->display('payment.html');
}
/* 找回密码 */
else if( $act == 'find_pwd' ){

    $phone = isset($_POST['phone']) ? trim($_POST['phone']) : '';
    $password = isset($_POST['pwd']) ? trim($_POST['pwd']) : '';
    $code   = isset($_POST['code']) ? trim($_POST['code']) : '';
    $item_info  = isset($_POST['item']) ? trim($_POST['item']) : '';

    $info = $user->check_user($phone);
    if( $info ) {
        $tag=false;
        if(!empty($_SESSION['sms_code_'.$phone])){
            foreach($_SESSION['sms_code_'.$phone] as $k=>$v) {
                if($code==$v) $tag=true;
            }
        }
        if( !$tag ) {
            print_r(returnFail('验证码错误', 'code_error'));
            exit;
        }
        $find_pwd_info = $GLOBALS['user']->change_password_by_phone($phone, $password );
        if ( !$find_pwd_info['status'] ) {
            print_r(returnFail($find_pwd_info['msg'], 'error'));
        }else{
            if( $item_info ) $_SESSION['item_info'] = $item_info;
            print_r(returnSuccess());
        }
    }else{
        print_r(returnFail('用户不存在', 'no_user'));
    }
}
/* 用户中心 */
else
{
    if ($_SESSION['user_id'] > 0)
    {
        show_user_center();
    }
    else
    {
        $smarty->assign('footer', get_footer());
        $smarty->display('login.html');
    }
}

/**
 * 用户中心显示
 */
function show_user_center()
{
    $best_goods = get_recommend_goods('best');
    if (count($best_goods) > 0)
    {
        foreach  ($best_goods as $key => $best_data)
        {
            $best_goods[$key]['shop_price'] = encode_output($best_data['shop_price']);
            $best_goods[$key]['name'] = encode_output($best_data['name']);
        }
    }
    $GLOBALS['smarty']->assign('best_goods' , $best_goods);
    $GLOBALS['smarty']->assign('footer', get_footer());
    $GLOBALS['smarty']->display('user.html');
}

/**
 * 手机注册
 */
function m_register($username, $password, $email, $other = array())
{
    /* 检查username */
    if (empty($username))
    {
        echo '用户名不能为空';
        $Loaction = 'user.php?act=register';
        ecs_header("Location: $Loaction\n");
        return false;
    }
    if (preg_match('/\'\/^\\s*$|^c:\\\\con\\\\con$|[%,\\*\\"\\s\\t\\<\\>\\&\'\\\\]/', $username))
    {
        echo '用户名错误';
        $Loaction = 'user.php?act=register';
        ecs_header("Location: $Loaction\n");
        return false;
    }

    /* 检查email */
    if (empty($email))
    {
        echo 'email不能为空';
        $Loaction = 'user.php?act=register';
        ecs_header("Location: $Loaction\n");
        return false;
    }
    if(!is_email($email))
    {
        echo 'email错误';
        $Loaction = 'user.php?act=register';
        ecs_header("Location: $Loaction\n");
        return false;
    }

    /* 检查是否和管理员重名 */
    if (admin_registered($username))
    {
        echo '此用户已存在！';
        $Loaction = 'user.php?act=register';
        ecs_header("Location: $Loaction\n");
        return false;
    }

    if (!$GLOBALS['user']->add_user($username, $password, $email))
    {
        echo '注册失败！';
        $Loaction = 'user.php?act=register';
        ecs_header("Location: $Loaction\n");
        //注册失败
        return false;
    }
    else
    {
        //注册成功

        /* 设置成登录状态 */
        $GLOBALS['user']->set_session($username);
        $GLOBALS['user']->set_cookie($username);

     }

        //定义other合法的变量数组
        $other_key_array = array('msn', 'qq', 'office_phone', 'home_phone', 'mobile_phone');
        $update_data['reg_time'] = local_strtotime(local_date('Y-m-d H:i:s'));
        if ($other)
        {
            foreach ($other as $key=>$val)
            {
                //删除非法key值
                if (!in_array($key, $other_key_array))
                {
                    unset($other[$key]);
                }
                else
                {
                    $other[$key] =  htmlspecialchars(trim($val)); //防止用户输入javascript代码
                }
            }
            $update_data = array_merge($update_data, $other);
        }
        $GLOBALS['db']->autoExecute($GLOBALS['ecs']->table('users'), $update_data, 'UPDATE', 'user_id = ' . $_SESSION['user_id']);

        update_user_info();      // 更新用户信息

        return true;

}


?>